Exempting Users Without Valid Authentication Methods

The Privileged Access Service looks into the user’s Active Directory/LDAP or Delinea Directory account for the mobile phone number or email address used for multifactor authentication. Normally, users without a mobile phone number or email address cannot log into Delinea Connector when you enable authentication policy controls.

To exempt users from multifactor authentication when their account does not have a mobile phone number and email address:

1. Log in to the Admin Portal.

2. Click Access > Policies.

3. Select the relevant policy or create a new one.

4. Click Login Polices > Delinea Services.

5. Enable the Allow users without a valid authentication factor to log in setting in the Other Settings section.

6. Click Save.